{"id":12030,"date":"2020-12-18T12:25:37","date_gmt":"2020-12-18T17:25:37","guid":{"rendered":"https:\/\/www.thesslstore.com\/blog\/?p=12030"},"modified":"2023-03-27T13:58:56","modified_gmt":"2023-03-27T17:58:56","slug":"the-best-cyber-security-books","status":"publish","type":"post","link":"https:\/\/www.thesslstore.com\/blog\/the-best-cyber-security-books\/","title":{"rendered":"The 25 Best Cyber Security Books \u2014 Recommendations from the Experts"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\" id=\"h-we-asked-cybersecurity-pros-to-share-their-favorite-cybersecurity-books-here-s-what-they-recommend-for-our-newly-expanded-list\">We asked cybersecurity pros to share their favorite cybersecurity books \u2014 here\u2019s what they recommend for our newly expanded list<\/h3>\n\n\n\n<div class=\"wp-block-advanced-gutenberg-blocks-notice is-variation-info has-icon\" data-type=\"info\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"2\" stroke-linecap=\"round\" stroke-linejoin=\"round\"><circle cx=\"12\" cy=\"12\" r=\"10\"><\/circle><line x1=\"12\" y1=\"16\" x2=\"12\" y2=\"12\"><\/line><line x1=\"12\" y1=\"8\" x2=\"12\" y2=\"8\"><\/line><\/svg><p class=\"wp-block-advanced-gutenberg-blocks-notice__title\">This Is an Updated List of the Best Cyber Security Books<\/p><p class=\"wp-block-advanced-gutenberg-blocks-notice__content\"><strong><em>Note: This article, which was originally published in February 2020, has been updated to include new recommendations from additional IT and cyber security industry experts.<\/em> <\/strong><\/p><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Criminals. Mystery. Danger. Money. Technology. Sextortion. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">While all of these things together sound like the makings of a best-selling fiction novel, the cyber security industry \u2014 and all of the <a href=\"https:\/\/www.thesslstore.com\/blog\/the-top-9-cyber-security-threats-that-will-ruin-your-day\/\">threats<\/a> and dangers that exist within it \u2014 is all too real. That\u2019s one reason why cybersecurity books make for some pretty interesting reading both in terms of academics and entertainment. That\u2019s because the best cyber security books are those that are written to inform as well as entertain. They hijack your attention as readily as a cyberattack and don\u2019t let you go until you reach the back cover. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Good cyber security books share insights gained from\nreal-world situations and examples that we can learn from as professionals. It\u2019s\nthe great ones that teach us what to look out for so that we\u2019re prepared to\nprevent ourselves from falling prey to cybercriminals. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But what are considered the \u201cbest cyber security books\u201d and why? This two-part question led me to reach out to many IT and cyber security experts within the industry to inquire about their favorite books on cyber security and create a comprehensive list of the \u201cbest cyber security books.\u201d Wondering which titles made their lists? <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Let\u2019s hash it out.<span id=\"newline\"><\/span><\/p>\n\n\n<span style=\"--tl-form-height-m:150.25px;--tl-form-height-t:121.4583px;--tl-form-height-d:121.4583px;\" class=\"tl-placeholder-f-type-shortcode_12753 tl-preload-form\"><span><\/span><\/span>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-must-reads-the-25-best-cybersecurity-books-you-need-to-read\">Must-Reads: The 25 Best Cybersecurity Books You Need to Read<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">For this updated article, we\u2019re going to break down the list of the best cybersecurity books by the IT or cyber security expert who recommends them. To make things fair, we\u2019re not showing preferential treatment in the sense of who is listed first. We\u2019re just listing the responses as they came in. (Sorry, no bribes of chocolates or whiskey for this woman!) So, basically, we&#8217;ve tacked the new recommendations onto the existing list we published previously. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Oh, and just one quick note: This list of the best cyber security books does NOT include any self-promotions. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Our first series of five book recommendations comes from Gabe Turner, director of content at <a href=\"https:\/\/securitybaron.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">Security Baron<\/a>. Turner is both an attorney and a journalist with a self-proclaimed passion for home technology and finding ways to live securely and efficiently. It was his belief that creating stable, safe communities is imperative to a healthy and vibrant society. As such, it was that belief that led him to join up with Security Baron. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-1-hacking-the-art-of-exploitation-2nd-ed\">1. Hacking: The Art of Exploitation (2nd Ed.)<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author:<\/strong> Jon Erickson<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.amazon.com\/Hacking-Art-Exploitation-Jon-Erickson\/dp\/1593271441\/ref=sr_1_1?keywords=hacking%3A+the+art+of+exploitation&amp;qid=1580755998&amp;s=books&amp;sr=1-1\" target=\"_blank\">Hacking: The Art of Exploitation<\/a> dives into the world of creative problem solving and exploitation. Rather than simply walking through how different exploits work, this book provides a holistic view of programming, network communications, and current hacking techniques. Unlike many cyber security books, this one comes with a LiveCD. The disc provides a complete Linux environment to help you get your hands dirty with programming and debugging code \u2014 all without compromising or modifying your operating system (OS). &nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>This book not only shows you how hacking works on a technical level, but it\u2019s also told from a hacker\u2019s perspective, which is really useful for IT professionals. I love how accessible the writing is; you don\u2019t need to have a degree in computer science to get something out of it!\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-2-the-art-of-invisibility-the-world-s-most-famous-hacker-teaches-you-how-to-be-safe-in-the-age-of-big-brother-and-big-data\">2. The Art of Invisibility: The World\u2019s Most\nFamous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author:<\/strong> Kevin Mitnick<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Art-Invisibility-Worlds-Teaches-Brother\/dp\/B01NC39SM6\/ref=sr_1_1?keywords=the+art+of+invisibility&amp;qid=1580755789&amp;s=books&amp;sr=1-1\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">The Art of Invisibility<\/a>, written by the world\u2019s most famous hacker, Kevin Mitnick, is one of those cyber security books that informs readers about what they can do to protect themselves and their information in the digital age of \u201cBig Brother\u201d and \u201cBig Data.\u201d <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">According to Turner:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>With so many security breaches and invasions of privacy from large tech companies, this book is a useful guide to how to stay safe online, and why it\u2019s important. Mitnick gives examples to show you examples of how our country and companies have encroached on privacy along with giving simple, step-by-step instructions on cybersecurity measures from passwords to Wi-Fi.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-3-ghost-in-the-wires-my-adventures-as-the-world-s-most-wanted-hacker\">3. Ghost in the Wires: My Adventures as the\nWorld\u2019s Most Wanted Hacker<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Kevin Mitnick, William L. Simon<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Ghost-Wires-Adventures-Worlds-Wanted\/dp\/B005HBO3BY\/ref=sr_1_1?keywords=ghost+in+the+wire&amp;qid=1580756455&amp;s=books&amp;sr=1-1\">Ghost in\nthe Wires<\/a>, the second title on the list from Mitnick, is a brilliant\nfirst-hand account of his experiences accessing the networks and computers at\nsome of the world\u2019s biggest corporations \u2014 including Motorola, Pacific Bell,\nand Sun Microsystems.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Another book by Kevin Mitnick, this option is a memoir from his career as an IT worker at large companies, dealing with the FBI. Although he\u2019s just writing about coding, at the end of the day, Mitnick\u2019s artful prose makes it as exciting as a thriller. Personally, I wasn\u2019t able to put it down until I finished!\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-4-the-code-book-the-science-of-secrecy-from-ancient-egypt-to-quantum-cryptography\">4. The Code Book: The Science of Secrecy\nfrom Ancient Egypt to Quantum Cryptography<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s): <\/strong>Simon Singh<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Code-Book-Science-Secrecy-Cryptography\/dp\/0385495323\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">The Code Book<\/a> is an enlightening walk through the long-spanning history of encryption. It shows how encryption has played a role in shaping the course of the world \u2014 from defeating Hitler to making ecommerce possible (can you imagine how different world would be if either of those events didn\u2019t happen?) and everything in between.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>This book is a history of encryption that dates all the way back to Ancient Egypt and also covers Mary, Queen of Scots and the Navajo Code Talkers, among other historical examples. Not only does the book provide technical explanations, but it also puts encryption into a historical context, which is pretty rare for a cybersecurity book. Whether you\u2019re interested in technology, history or both, this book is a unique look at encryption through a historical lens.<\/em>&#8221; <\/p>\n<\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-5-cult-of-the-dead-cow-how-the-original-hacking-supergroup-might-just-save-the-world\">5. Cult of the Dead Cow: How the Original\nHacking Supergroup Might Just Save the World<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Joseph Menn<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.amazon.com\/Cult-Dead-Cow-Original-Supergroup\/dp\/B07RX456JM\/ref=sr_1_1?keywords=Cult+of+the+Dead+Cow%3A+How+the+Original+Hacking+Supergroup+Might+Just+Save+the+World&amp;qid=1580758574&amp;s=books&amp;sr=1-1\" target=\"_blank\">Cult of the Dead Cow<\/a>, if you didn\u2019t know, refers to the oldest and most respected hacking group in the U.S. They aided in the development of TOR and, through their hacktivist efforts, forced many U.S. corporations to take their security protections to the next level. This book is all about their history and their impact on the world.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>The Cult of the Dead Cow is a hacking group that recently got a lot of attention because <\/em><a href=\"https:\/\/www.reuters.com\/investigates\/special-report\/usa-politics-beto-orourke\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">[Beto] O\u2019Rourke<\/a><em>, former candidate for the Democratic presidential nominee, was in it as a teenager. A largely anonymous group, the Cult of the Dead Cow practically invented hacktivism and greatly influenced large companies and their IT. The book outlines the group\u2019s past as well as its present activities fighting fake news and surveillance.\u201d<\/em> <\/p>\n<\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">Now, let\u2019s explore some recommendations of cyber security books from other IT and cybersecurity experts from around the globe:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-6-social-engineering-the-science-of-human-hacking\">6. Social Engineering: The Science of Human\nHacking<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Christopher Hadnagy<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Social-Engineering-Second-Science-Hacking\/dp\/B07NS53TKR\/ref=sr_1_1?keywords=Social+Engineering%3A+The+Science+of+Human+Hacking&amp;qid=1580758966&amp;s=audible&amp;sr=1-1\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">Social Engineering<\/a> showcases both the creative genius and laziness of hackers. Why go through all the rigmarole and effort of breaking and climbing through a virtual window when you can walk through an open front door? This book looks at the vulnerabilities that exist within the human elements of a business and breaks down how you can recognize, anticipate, and prevent social engineering attacks. <\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Any cybersecurity professional can tell you that some of the biggest hacks and data breaches happened due to human error, even in the most secure and robust networks What I like about this book is that it teaches you about human hacking, and how someone can get access to your entire database through social engineering. So it&#8217;s a great read even if you don&#8217;t understand the complexities of hacking and cybersecurity since it teaches you to defend against cyberattacks of a non-technical origin.<br> <br> In my opinion, any company that takes data protection seriously should include a copy of this book, or parts of, during employee training. Social engineering attacks come in all shapes and sizes, from email spoofing to physically allowing access to the company servers when they claimed to be there to install a new socket on the wall.\u201d<\/em><\/p>\n<cite>&#8211; Luka Arezina, editor-in-chief at <a rel=\"noreferrer noopener\" href=\"https:\/\/dataprot.net\/\" target=\"_blank\">DataProt<\/a>, a cyber security industry news publication.  <\/cite><\/blockquote>\n\n\n<span style=\"--tl-form-height-m:966.781px;--tl-form-height-t:989px;--tl-form-height-d:989px;\" class=\"tl-placeholder-f-type-shortcode_12768 tl-preload-form\"><span><\/span><\/span>\n\n\n<h4 class=\"wp-block-heading\" id=\"h-7-practical-malware-analysis\">7. Practical Malware Analysis<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Michael Sikorski<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Practical-Malware-Analysis-Hands-Dissecting\/dp\/1593272901\/ref=sr_1_1?keywords=Practical+Malware+Analysis&amp;qid=1580759270&amp;s=audible&amp;sr=8-1\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">Practical Malware and Analysis<\/a> takes an in-depth look at the solutions and approaches that professional analysts use to deal with malware threats. This hands-on approach to malware analysis takes you through everything from how to set up safe virtual environments to developing methods for unpacking malware and analyzing specific cases.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Malware attacks can cost a company a lot of money if it gets into your systems. Companies need to be able to have a response ready to combat the malware and to mitigate risk. Practical Malware Analysis goes over the best ways to examine and remove malware and other dangerous software. It provides not only approaches and best practices but also recommends tools to help companies get actionable advice on how to prevent malware attacks.\u201d<\/em><\/p>\n<cite>&#8211; Colin Ma, founder of <a rel=\"noreferrer noopener\" href=\"https:\/\/digitalsoftwareproducts.com\/\" target=\"_blank\">Digital Software Products<\/a>. He\u2019s consulted for large enterprises with regard to securing their web apps. He\u2019s also served as Director of Engineering at Finli, a personal bill payment platform, to ensure sensitive and secure personal information remains that way.&nbsp;&nbsp;  <\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-8-the-cert-guide-to-insider-threats\">8. The CERT Guide to Insider Threats<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Dawn M. Cappelli, Andrew P. Moore,\nRandall F. Trzeciak<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.amazon.com\/CERT-Guide-Insider-Threats-Information\/dp\/0321812573\/\" target=\"_blank\">The CERT Guide to Insider Threats<\/a> is one of those cybersecurity books that breaks down the findings of the CERT Insider Threat Center at Carnegie Mellon University\u2019s Software Engineering Institute (SEI). The authors share real-world guidance and methods that managers, IT security, and other employees within any organization can put into action to combat cybercrimes and cybersecurity threats. <\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>The CERT Guide to Insider Threats is a great book for cybersecurity experts. It covers an area that many people overlook and is one of the biggest security concerns an organisation can have &#8211; an insider threat.<br> <br> We all worry about external security issues, but this book looks at vulnerabilities from within your system.<br> <br> It outlines a huge variety of insider attacks, and provides advice on how to set up effective protection, and most importantly, how to find and discover potential threats.<br> <br> I wouldn\u2019t recommend this book to someone new to the industry, as it\u2019s a difficult read and highly technical, but for cybersecurity experts it\u2019s a valuable tool to protecting your system from the inside out.\u201d<\/em> <\/p>\n<cite> &#8211; Mike Gilfillan, lead developer at <a rel=\"noreferrer noopener\" aria-label=\"Edge of the Web (opens in a new tab)\" href=\"https:\/\/www.edgeoftheweb.co.uk\/\" target=\"_blank\">Edge of the Web<\/a>, a full-service digital agency. <\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-9-the-cyber-effect\">9. The Cyber Effect<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Mary Aiken<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Cyber-Effect-Cyberpsychology-Technology-Values\/dp\/0812987470\/ref=sr_1_1?keywords=The+Cyber+Effect+Mary+Aiken&amp;qid=1580762445&amp;s=books&amp;sr=1-1\">The Cyber Effect<\/a> is \u201cA groundbreaking exploration of how cyberspace is changing the way we think, feel, and behave.\u201d The content draws from Aiken\u2019s experience as a forensic cyber-psychologist who has worked with law enforcement agencies worldwide. An additional fun fact? Her work was the inspiration for the popular TV series SCI: Cyber! <\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Mary Aiken&#8217;s book, The Cyber Effect, is the best book to read if you want to understand the psychology behind the technology. What are the effects cyber has in our lives? What is the disinhibition effect?<br> <br> Technology has invaded every aspect of our lives; it is changing social and private behavior, having a disproportionate impact on our children and facilitating types of criminal and antisocial behavior that are repulsive and sometimes terrifying. The reality is that digital technology (like most technologies) is both good and bad. So the only rational way forward is to figure out how to live intelligently with it. But in order to do that we need to understand it. What we lack is an informed understanding of the problems, dangers and pathologies to which it gives rise.<br> <br> This is the gap that Dr. Aiken seeks to fill. As a psychologist, her prime interest is in the scientific understanding of online behavior. This book is wonderfully written. Mary Aiken has done an excellent job explaining in an easy to understand language otherwise difficult ideas. It is very informative and changes a lot the way you visualize your behavior in front of your screen. Highly recommended.\u201d<\/em><\/p>\n<cite>&#8211; Anastasios Arampatzis, information security content writer at <a href=\"https:\/\/welcometobora.com\/\">Bora<\/a> (an IT security marketing company). Arampatzis is a retired Hellenic Air Force officer with more than two decades of cybersecurity and IT project management experience. <\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-10-hacking-exposed-7-network-security-secrets-and-solutions\">10. Hacking Exposed 7: Network Security\nSecrets and Solutions<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Stuart McClure,\nJoel Scambray, George Kurtz<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Hacking-Exposed-Network-Security-Solutions\/dp\/0071780289\">Hacking Exposed 7<\/a> is an in-depth look at hacking from an academic standpoint. It\ncovers everything from the basics of footprinting to exploring the\n\u201ccountermeasures cookbook.\u201d The three cybersec experts help you learn what you\ndon\u2019t know so that you can make informed decisions and take effective action. <\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Cyber security is an ever-evolving field, making it difficult for certain books to remain relevant for long. But the right books offer readers an excellent foundation for learning about cyber security. My favorite cyber security book series, Hacking Exposed, accomplishes this while also continuing to offer new editions to keep readers up to date.<br> <br> Hacking Exposed: Network Security Secrets and Solutions is an international best-selling series written by renowned security experts Stuart McClure, Joel Scambray, and George Kurtz. Each edition exposes hackers\u2019 latest tactics and illustrates field-tested remedies through case studies. With every new edition, a new perspective and lesson is gained. Often times, cyber security books can sound redundant, but the Hacking Exposed series is thoughtfully crafted to engage readers and teach experts how to think like a hacker in order to prevent security breaches.\u201d<\/em><\/p>\n<cite>&#8211; Darren Deslatte, cyber security expert and vulnerability operations leader at <a href=\"https:\/\/www.entrustsolutions.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">Entrust Solutions<\/a>. The company is a technology solutions, IT managed services, and staff augmentation provider with offices in New Orleans and Norfolk. <\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-11-threat-modeling-designing-for-security\">11. Threat Modeling: Designing for Security<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Adam Shostack<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.amazon.com\/Threat-Modeling-Designing-Adam-Shostack\/dp\/1118809998\" target=\"_blank\">Threat Modeling<\/a> is a book for cybersecurity professionals, developers and managers alike. This is one of the cyber security books that explores various threat modeling approaches and ways to address threats that have been effective for Microsoft and other major organizations. <\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>It offers an excellent approach to cyber security based around the idea building security into systems during the design phase using a threat modelling approach, rather than having it be something that comes later.<br> <br>Shostack provides actionable advice on dealing with actual threats and vulnerabilities that real world security experts deal with every day.\u201d<\/em><\/p>\n<cite>&#8211; <a href=\"https:\/\/getvoip.com\/staff\/reuben-yonatan\/\">Reuben Yonatan<\/a>, founder and CEO of <a href=\"https:\/\/getvoip.com\/\">GetVoIP<\/a>. He\u2019s an entrepreneur and tech enthusiast with a background in the telecom industry. Yonatan\u2019s known throughout the industry for sharing his insights on digital media, software, cloud computing, and enterprise solutions in Forbes and Business Insider. <\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">The next two recommendations of the best cybersecurity books come from <a href=\"https:\/\/mattpalmer.net\/about-matt\/\">Matt Palmer<\/a>, an experienced CISO and IT leader who serves as Director of <a href=\"https:\/\/cyberclaria.com\/\">Cyberclaria<\/a>. He specializes in strategic change and transformation within the fields of tech and cyber and is an international speaker on cyber risk management and tech leadership.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-12-countdown-to-zero-day-stuxnet-and-the-launch-of-the-world-s-first-digital-weapon\">12. Countdown to Zero Day: Stuxnet and the Launch of the World&#8217;s First Digital Weapon<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><a><strong>Author(s):<\/strong><\/a>&nbsp;Kim Zetter<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Countdown-Zero-Day-Stuxnet-Digital\/dp\/0770436196\/ref=sr_1_1?dchild=1&amp;keywords=Countdown+to+Zero+Day%3A+Stuxnet+and+the+Launch+of+the+World%27s+First+Digital+Weapon&amp;qid=1607616861&amp;sr=8-1\">Countdown to Zero Day<\/a> is an informative look at the start of digital warfare, deep-diving into the release of Stuxnet and how it came to impact a nuclear facility in Natanz, Iran. This is one of those must-read cyber security books for experts and non-technical people alike to gain an insight into the power and impact of modern cyber tools and attacks.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>I routinely give away Kim Zetter\u2019s \u2018Countdown to Zero Day\u2019 to non-cyber specialists, execs, and new starters in Infosec as it is a remarkably well told and absorbing story that explains how these risks behave in reality.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-13-how-to-measure-anything-in-cyber-security-risk\">13. How to Measure Anything in Cyber Security Risk<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Douglas W. Hubbard &amp; Richard Seiersen<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/How-Measure-Anything-Cybersecurity-Risk-ebook\/dp\/B01J4XYM16\">How to Measure Anything in Cyber Security Risk<\/a> is an eye-opening look at the shortcomings of common cyber risk management methods. In addition to showcasing how desperately the industry as a whole needs to improve its existing security methodologies, the authors also offer insights and alternate techniques for how to do that.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">According to Palmer:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>I also give out Doug Hubbard\u2019s \u2018How to Measure Anything in Cyber Security Risk\u2019 to cyber security specialists as it shows how we can do a much better job than we do today. It\u2019s a wake up call for the profession.<em>\u201d<\/em><\/em><\/p>\n<\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">Sivan Tehila, Director of Solution Architecture at <a href=\"https:\/\/www.perimeter81.com\/\">Perimeter 81<\/a> and founder of <a href=\"https:\/\/cyberladiesnyc.com\/\">Cyber Ladies NYC<\/a>, also calls this book \u201ca must\u201d for industry experts.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>I am teaching my students with this book all the basics of cybersecurity risk management. We can\u2019t really build any cybersecurity plan and can\u2019t respond to any incident without doing a good risk assessment first, and this book covers all that experts need to know.\u201d<\/em><\/p>\n<\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">As a cybersecurity expert with more than 14 years of experience, Tehila says that she also recommends the following book for essentially the same reasons:<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-14-the-complete-guide-to-cybersecurity-risks-and-controls-internal-audit-and-it-audit-1st-edition\">14. The Complete Guide to Cybersecurity Risks and Controls (Internal Audit and IT Audit), 1st Edition<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Anne Kohnke, Dan Shoemaker, and Ken Sigler<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Complete-Guide-Cybersecurity-Controls-Internal\/dp\/1498740545\">The Complete Guide to Cybersecurity Risks and Controls<\/a> is a formative book that takes a practical approach to control and governance of information and communication technologies (ICT). Unlike other books, the authors view the topic through a lens of ICT operations being less of a technical issue than one of strategic governance.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-15-click-here-to-kill-everybody-security-and-survival-in-a-hyper-connected-world\">15. Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Bruce Schneier<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.audible.com\/pd\/Click-Here-to-Kill-Everybody-Audiobook\/B07KJ9TRSK?ref=a_library_t_c5_libItem_&amp;pf_rd_p=85df3330-9dc4-4a45-ae69-93cc2fc25ca4&amp;pf_rd_r=C1EVHS6GF4CZ4005K3KY\">Click Here to Kill Everybody<\/a> is a jolting look at the widespread adoption of \u201csmart\u201d devices around the world and the risks that come with them. The book goes beyond simply talking about the implications of such hyperconnected devices to explore the underpinning forces that contribute to the growing list of insecurities that we\u2019re seeing in IoT technologies. &nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Bruce Schneier is an immensely respected and well-known cryptographer, cybersecurity professional and author. If you\u2019re familiar with Schnier\u2019s work (and everyone in the cybersecurity arena should be), the clever and sadly accurate title alone makes \u201cClick Here to Kill Everybody\u201d a must read. Thankfully, the book lives up to its attention-grabbing title, delving deeply into the implications of a hyperconnected, always-on world where our physical and digital realities are merging because our devices are becoming \u201csmart;\u201d controlled by software and networked with as well as interdependent on each other.<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Schneier does a great job pointing out both the potential benefits Internet of Things (IoT) devices are already creating, as well as the significant issues they are causing. Perhaps the most significant issue being that everything is now a computer (or will be soon), and as we see in the headlines every day, all computers can be hacked.<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Because of the increasing connection to and control over our physical world, attackers can launch digital attacks that create chaos and wreak havoc in the real world. For example, the first known malware related death was recently reported by a hospital in Germany. Schneier adeptly explores the risks of our new reality including the technological, political, and economic reasons for how we find ourselves in a situation where it\u2019s at least conceivable that one click could kill everyone.\u201d<\/em><\/p>\n<cite>\u2014 Dave Hatter is an award-winning cybersecurity professional and CISSP. In addition to serving as a writer and educator within the fields of IT and cybersec, Hatter also serves as a Cyber Security Consultant at <a href=\"https:\/\/www.intrust-it.com\/\">IntrustIT<\/a>.<\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-16-comptia-network-certification-all-in-one-exam-guide-seventh-edition\">16. CompTIA Network+ Certification All-In-One Exam Guide, Seventh Edition<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Mike Meyers<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/dp\/1260122387\/ref=cm_sw_r_cp_apa_fabc_bIL0FbEBERXSP\">CompTIA Network+<\/a> is a best-selling exam guide for certified professionals everywhere. Written by the foremost CompTIA training and certification effort, this is one of those cyber security books that\u2019s known for talking about the subject matter in an engaging way while retaining a practical, real-world focus.&nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Any of the Meyers books are always easy picks and come with high recommendations. They&#8217;re more textbook than relaxation reading, with certification tests assigned to them, but they still are great as reference manuals when working in this field. I&#8217;ve recently picked these two up to brush up: Network + and Security +.\u201d<\/em><\/p>\n<cite>\u2014 Jeremy Caban, IT administrator and DevOps engineer at The SSL Store\u2019s U.S. office. Caban has 10+ years of experience in the IT world and considers himself a techie at heart.<\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-17-bulletproof-ssl-and-tls-understanding-and-deploying-ssl-tls-and-pki-to-secure-servers-and-web-applications\">17. Bulletproof SSL and TLS: Understanding and Deploying SSL\/TLS and PKI to Secure Servers and Web Applications<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Ivan Ristic<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Bulletproof-SSL-TLS-Understanding-Applications\/dp\/1907117040\">Bulletproof SSL and TLS<\/a> is often considered the bible of SSL\/TLS implementations. It\u2019s written by the author of the SSL Labs website, the go-to resource for statistics and other information relating to SSL\/TLS deployments.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>This book is an excellent field guide for anyone tasked with managing SSL\/TLS.&nbsp; It is a comprehensive book that is easy to read and understand.&nbsp; The book is well laid out which makes it great for referencing and the electronic version is regularly updated.&nbsp; It&#8217;s been appreciated by my customers both new to SSL and veterans alike.\u201d<\/em><\/p>\n<cite>\u2014 Dianne Douglas, Strategic Account Executive \u2014 Certificate Cloud Solutions at <a href=\"https:\/\/www.entrust.com\/\">Entrust<\/a>. She has more than a decade of experience working in in the fields of digital identity and cloud technologies.<\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">Now, for an extra little bit of good news about this particular title\u2026 <a href=\"https:\/\/blog.ivanristic.com\/2020\/11\/bulletproof-ssl-and-tls-second-edition-preview.html\">Ristic announced on his blog<\/a> that <a href=\"https:\/\/www.feistyduck.com\/books\/bulletproof-ssl-and-tls\/\">a preview of the second edition of his book<\/a> is now available. So, if you were looking for something a little more up to date, it looks like his latest version of the book is one you can turn to.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Okay, since we\u2019re still in the vein of talking about SSL\/TLS, there\u2019s one more title that\u2019s worth mentioning on our list of the best cybersecurity books\u2026<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-18-ssl-tls-under-lock-and-key-a-guide-to-understanding-ssl-tls-cryptography\">18. SSL\/TLS Under Lock and Key: A Guide to Understanding SSL\/TLS Cryptography<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Paul Baka &amp; Jeremy Schatten<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.ssltrust.com.au\/books\">SSL\/TLS Under Lock and Key<\/a> is a cyber security book that aims to reach and educate beginners and veteran IT professionals alike. It provides a combination of theorical and practical information to help readers gain a greater understanding of SSL\/TLS cryptography and how it works.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Although this particular title wasn\u2019t technically highlighted by the experts who gave recommendations for this article, I think it\u2019s a valuable resource that\u2019s worth mentioning. Not only is it a great book for those who work within the SSL\/TLS industry, but it\u2019s also a great resource for other cybersecurity and IT professionals as well. And since SSL\/TLS is kind of our area of interest and expertise\u2026 well, it seems only fitting that we include it in our list of the best cyber security books.<\/p>\n\n\n<span style=\"--tl-form-height-m:861.156px;--tl-form-height-t:899.625px;--tl-form-height-d:899.625px;\" class=\"tl-placeholder-f-type-shortcode_12653 tl-preload-form\"><span><\/span><\/span>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-19-cybersecurity-essentials\">19. Cybersecurity Essentials<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Charles J. Brooks, Christopher Grow, Philip Craig, and Donald Short<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Cybersecurity-Essentials-Charles-J-Brooks\/dp\/1119362393\">Cybersecurity Essentials<\/a> is one of those books on cybersecurity that introduces readers to the \u201cneed-to-knows\u201d of the industry. It also helps to prepare them for gaining certificates with real-world scenarios and breakdowns of essential concepts.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>As the tech expert and owner of a company, in my opinion, the best security book that I&#8217;ve read and highly recommend would be <strong>Cybersecurity Essentials written by Charles Brooks and Christopher Grow.<\/strong> This book wins its spot on the list for its value to those making their start in cybersecurity. It offers readers a compact, comprehensive introduction to the cybersecurity field with fundamental topics required by those exploring their first cybersecurity certifications.<br><br>This book boils cybersecurity down to four key hurdles: securing infrastructure, securing devices, securing perimeters, and securing local networks. By the time you\u2019re done reading this book, you will know your position in cybersecurity and will be better provided with the knowledge to make your first moves within the field.\u201d<\/em><\/p>\n<cite>\u2014 Shayne Sherman, CEO of <a href=\"https:\/\/techloris.com\/\">Techloris<\/a>, a blog that\u2019s dedicated to helping users resolve their PC issues in the easiest way possible.<\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-20-the-pentester-blueprint-starting-a-career-as-an-ethical-hacker\">20. The Pentester Blueprint: Starting a Career as an Ethical Hacker<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Phillip Wylie and Kim Crawley<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you\u2019re looking for a new cybersecurity book that\u2019s pretty much hot off the press, then look no further. <a href=\"https:\/\/www.amazon.com\/Pentester-BluePrint-Your-Guide-Being\/dp\/1119684307\">The Pentester BluePrint<\/a> is a deep-dive into the world of white hat hacker activities. This book, which just came out in November 2020, serves as a guide for understanding how to make a career out of penetration testing. It explores basic and advanced topics that are pertinent to the job and helps you assess your current skills and knowledge.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Phil and Kim do a great job in this book in providing a &#8220;map&#8221; for aspiring pentesters.&nbsp;They cover the real information people need to know, including what pentesting certifications to look at getting.\u201d<\/em><\/p>\n<cite>\u2014 <a href=\"https:\/\/www.linkedin.com\/in\/kenunderhill\">Ken Underhill<\/a>, is a multi-award winning and internationally recognized business consultant, cybersecurity leader, entrepreneur, and the executive producer and host of the Cyber Life television show, which is the first cybersecurity streaming (OTT) TV show (coming in January 2021). In addition to holding a master\u2019s degree in cybersecurity and information assurance, he\u2019s also a certified ethical hacker (CEH) and computer hacking forensic investigator (CHFI).<\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-21-the-cuckoo-s-egg\">21. The Cuckoo\u2019s Egg<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Clifford Stoll<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.simonandschuster.com\/books\/The-Cuckoos-Egg\/Cliff-Stoll\/9781416507789\">The Cuckoo\u2019s Egg<\/a> is author Cliff Stoll\u2019s first-hand account of when he worked as a systems manager at Lawrence Berkeley Lab. He became aware of an unauthorized user who was stealing sensitive military and security information and set out to stop him by any means necessary. But it wasn\u2019t until he started digging that he discovered just how far that rabbit hole would go \u2014 ultimately leading to the discovery of an international spy ring.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Engaging the layman requires readability, however, while fiction may be useful to understand subcultural elements of cybersecurity, I\u2019m not sure I\u2019ve found a novel yet that\u2019s particularly effective at illustrating the core principles of cybersecurity.&nbsp;Clifford Stoll\u2019s The Cuckoo\u2019s Egg is a timeless and eminently readable non-fiction account of real world computer espionage that involves the early use of techniques (weak passwords, honey-pots, threat intelligence, etc.) that are still relevant today.\u201d<\/em><\/p>\n<cite>\u2014 Tim Wade, technical director, CTO at <a href=\"https:\/\/www.vectra.ai\/\">Vectra AI<\/a>, an AI-service provider of network threat detection and response products and services.<\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-22-sandworm\">22. Sandworm<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Andy Greenberg<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers\/dp\/0385544405\">Sandworm<\/a> is a title that deserves to be on a list of the best cyber security books. That\u2019s because it gives readers a ground-breaking look at the Russian hacking group Sandworm and one of the most impactful cyber attacks in history that caused a massive blackout in Kyiv, Ukraine. &nbsp;&nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>This book should be mandatory reading for everyone in the security industry.<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Another awesome book that covers many of the recent major incidents and cyber-attacks.&nbsp;Being in Estonia during the 2007 cyberwar, which I survived, this book was one of the few that got the technical details accurate, which I always appreciate and respect.&nbsp; Andy\u2019s coverage of these events makes reading this book exciting.&nbsp;This should be mandatory reading for all security professionals.\u201d<\/em><\/p>\n<cite>\u2014 Joseph Carson, chief security scientist and advisory CISO at <a href=\"https:\/\/thycotic.com\/\">Thycotic<\/a>, a privileged access management (PAM) solutions provider.<\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Read More: <a href=\"https:\/\/www.thesslstore.com\/blog\/what-is-a-ddos-attack\/\">What Is a DDoS Attack?<\/a><\/strong><\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-23-little-brother\">23. Little Brother<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Cory Doctorow<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.amazon.com\/Little-Brother-Cory-Doctorow\/dp\/0765323117\">Little Brother<\/a> is a work of fiction with a powerful message about cybersecurity, social media, surveillance, and digital disobedience. It follows the tale of a teenage hacker who finds himself and his friends living in a community-turned-police-state where everyone is a suspected terrorist, and what they do to fight it. &nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>This novel describes numerous key concepts around modern computing and cybersecurity, told from the perspective of a high school student who gets caught up in a government surveillance program.&nbsp;Unlike George Orwell&#8217;s concept of Big Brother from &#8220;1984&#8221;, which was about a police state putting cameras in everyone&#8217;s homes, Little Brother tells the story about how social media and the age of the smartphone, smart speaker and Internet of Things (IoT) leads to us leaking thousands of tiny little data points about ourselves each day.&nbsp;It has a great overview of data privacy, the fundamental building blocks of encryption and hacker\/cypherpunk culture.\u201d<\/em><\/p>\n<cite>\u2014 David Richardson, Vice President at <a href=\"https:\/\/www.lookout.com\/\">Lookout<\/a>, a mobile security solutions platform. As a mobile security expert with 45 patents issued related to mobile security, he oversees mobile product management at the company and also speaks frequently at security conferences.<\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-24-the-hacker-and-the-state-cyber-attacks-and-the-new-normal-of-geopolitics\">24. The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Ben Buchanan<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.hup.harvard.edu\/catalog.php?isbn=9780674987555\">The Hacker and the State<\/a> is a chillingly insightful accurate look at the impact of information security and cyber warfare on the geopolitical climate. It covers major nation state cyber attacks and is chockfull of anecdotes and key insights gleaned through interviews, reports, and declassified data.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em><strong>The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics<\/strong>&nbsp;by Ben Buchanan was a book I picked up early this year, planning on it being my airplane and layover book. Since that all changed, I ended up reading it all one weekend and enjoyed it.&nbsp;<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>The book is sometimes over-simplistic on the technical side, but it walks through the most significant cyberwar incidents over the last decade and identifies the key players involved. With the ongoing FireEye\/SolarWinds\/Federal Government hack still unfolding, this is a great book to help get you up to speed as this next round of attacks and counter-attacks start to develop.&nbsp;<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>A quote I took away from the book that stuck with me is, \u2018The harm hackers can do is expanding faster than the deterrence or defenses against them.\u2019 As someone who helps companies secure their systems, this quote makes a huge impact when someone like Ben Buchanan talks about it in terms of nation-states funding hackers with &#8220;unlimited&#8221; resources and a defined target, but this is really not true for your average corporation that is not being specifically targeted as the research we have done over the last few years have pointed out.\u201d<\/em><\/p>\n<cite>\u2014 Jerry Gamblin, Director of Security Research at <a href=\"https:\/\/www.kennasecurity.com\/\">Kenna Security<\/a>. He has more than 15 years of experience as a security researcher and analyst with an emphasis on application and enterprise network security.<\/cite><\/blockquote>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-25-the-cybersecurity-playbook-how-every-leader-and-employee-can-contribute-to-a-culture-of-security\">25. The Cybersecurity Playbook: How Every Leader and Employee Can Contribute to a Culture of Security<\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Author(s):<\/strong> Allison Cerra<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Alright\u2026 last but certainly not least on our list of the best cybersecurity books is <a href=\"https:\/\/www.wiley.com\/en-us\/The+Cybersecurity+Playbook%3A+How+Every+Leader+and+Employee+Can+Contribute+to+a+Culture+of+Security-p-9781119442196\">The Cybersecurity Playbook<\/a>. This one is all about helping employees at all levels of an organization identify weaknesses and assess threats. It also drives home the importance of having effective policies in place to help protect organizations against vulnerabilities associated with the human factor: their employees. &nbsp;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\"><em>Any technical computer book gets outdated in just a few months; some become obsolete even before they are published. It happens because the software is regularly updated, adding new features, as well as hackers, discover new vulnerabilities.&nbsp;The Cybersecurity Playbook isn&#8217;t the technical guide.&nbsp;It steers our culture in the right direction by integrating sound security habits with every employee, manager or board member.<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Security challenges require the right attitude. The right attitude is based on the principles of shared responsibility and cybersecurity awareness. This book provides clear guidance on how to achieve it. The principles introduced by Allison Cerra will remain relevant for many years to come.\u201d<\/em><\/p>\n<cite>\u2014 Andre Ross, head of computer forensic investigations and incident response at <a href=\"https:\/\/www.elvidence.com.au\/\">Elvidence<\/a>. He has 20 years of experience working within the IT security.<\/cite><\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-looking-for-other-recommendations-of-cyber-security-books\">Looking for Other Recommendations of Cyber Security Books?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">There are many great books out there concerning the cyber security industry and IT as a whole. What are some of your favorite cyber security books? Be sure to share them in the comments section below. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">If you\u2019ve already checked out all of these cyber security books and are looking for other ways to fill your evenings, be sure to check out our list of the top <a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/www.thesslstore.com\/blog\/the-ultimate-hacker-movies-list-for-2020\/\" target=\"_blank\">cybercrime and hacker movies<\/a>. In this article, we share the 40 best hacker movies and movies about cybercrime, along with insights from industry experts.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-css-opacity\"\/>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We asked cybersecurity pros to share their favorite cybersecurity books \u2014 here\u2019s what they recommend for our newly expanded list Criminals. Mystery. Danger. Money. Technology. Sextortion. While all of these&#8230;<\/p>\n","protected":false},"author":17,"featured_media":12032,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":"","tve_updated_post":"","tve_custom_css":"","tve_user_custom_css":"","tve_globals":{},"tcb2_ready":0,"tcb_editor_enabled":0,"tve_landing_page":"","_tve_header":"","_tve_footer":""},"categories":[16,10200],"tags":[11777,175],"class_list":["post-12030","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hashing-out-cyber-security","category-monthly-digest","tag-books","tag-cybersecurity","post-with-tags"],"views":336979,"jetpack_featured_media_url":"https:\/\/www.thesslstore.com\/blog\/wp-content\/uploads\/2020\/02\/cyber-security-books.jpg","_links":{"self":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts\/12030","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/comments?post=12030"}],"version-history":[{"count":0,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/posts\/12030\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/media\/12032"}],"wp:attachment":[{"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/media?parent=12030"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/categories?post=12030"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thesslstore.com\/blog\/wp-json\/wp\/v2\/tags?post=12030"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}